Captain Captain
Captain
1115 views

CentOS 8.1 vs DP 10.40

Jump to solution

I try to use DP 10.40 disk client on CentOS 8.1. The manual installation is finished without any problem, the import client geting the following error:

cell manager side debug.log:

2020-04-09 17:24:01.746  CRS-THREAD.20578.1702864640 ["/cs/mcrs/daemon.c $Rev$ $Date::                      $:":4515] A.10.40 b118
DbgStack: DbgFcnOut() function does not match function on stack!
    ExitFcn="ProcessRequest", StackFcn="SSCconfig_configurePeer_with_fprint"

cmd:crs
Function trace (currentLevel=1):
        Level  1: SSCconfig_configurePeer_with_fprint(handle:1, host:teraintra.domain.hu)
        Level  0: ProcessRequest(ctx:2, peer:**PERSONAL INFORMATION REMOVED**)

"ProcessRequest" found on stack, adjusted level to 0 (one or more DbgFcnOut() calls missing)

client side debug.log:

2020-04-09 17:24:01.957  INET.3301.0 ["/lib/ipc/ipc.c $Rev$ $Date::                      $:":6747] A.10.40 b118
[ipc_receiveDataExBase] invalid IPC packet header (369295616) => fail with ERROR
[ipc_receiveDataExBase] from connectionIP:[10.166.6.3], peerHost:[], peerProg:, pid:0
Dump of the first 4 bytes
[DbgDumpMem] 4/4 bytes 
	16 03 01 00                                                               ....
cmd:inet
Function trace (currentLevel=3):
	Level  3: ipc_receiveDataExBase(handle=1, buffer size=0, timeout=10)
	Level  2: ipc_peekDataEx(handle=1, buffer size=0, timeout=10)
	Level  1: Sec_NegotiateAccept(handle:1)
	Level  0: SecIpcAcceptConnection()

 

 any idea?

0 Likes
1 Solution

Accepted Solutions
Captain Captain
Captain

We found the solution:

we must install libnsl package:

/opt/omni/bin/omnicc -secure_comm -regenerate_cert bekes0m2-cm.domain.hu
/opt/omni/bin/perl: error while loading shared libraries: libnsl.so.1: cannot open shared object file: No such file or directory
Certificate regeneration failed.

# yum search nsl
# yum install libnsl

# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
 - Please use the fingerprint to validate the certificate manually!
Certificate information:
 - Hostname:bekes0m2-cm.domain.hu
 - Valid: from Oct 29 20:24:02 2018 GMT until Oct 26 20:24:02 2028 GMT
 - Fingerprint: 3a:65:c8:39:18:c4:c4:bd:0b:ac:fe:89:8c:1d:22:73:86:40:3d:ca:5b:64:40:59:5b:bf:90:16:bb:e0:a7:67
Do you want to continue (y/n)?y
Host 'bekes0m2-cm.domain.hu' configured for secure configuration successfully.

View solution in original post

6 Replies
Micro Focus Expert
Micro Focus Expert

Hello @kofop,

Please share the actual error (screenshot or command output) you're seeing. The debug.log is is not helpful without it. Have you installed xinetd on the CentOS client? systemd support is coming with DP 10.70 soon. Have you been able to configure Secure Communication with omnicc -secure_comm -configure_peer in both directions? Is the firewall open/stopped on the CentOS system? 

Regards,
Sebastian Koehler

---
Please use the Like button below, if you find this post useful.
0 Likes
Captain Captain
Captain

Hi,

The firewalls are stoped.

Xinetd installed (see the logs the hosts are starting communication), 5565 port is open:

bekes0m2-cm:/var/opt/omni/log # /opt/omni/bin/omnicc -secure_comm -configure_peer 10.166.6.44
Secure communication protocol negotiation error when trying to establish a connection.
Check the validity of certificates and their configuration.

bekes0m2-cm:/var/opt/omni/log # telnet 10.166.6.44 5565
Trying 10.166.6.44...
Connected to 10.166.6.44.
Escape character is '^]'.
bekes0m2-cm:/var/opt/omni/log # /opt/omni/bin/omnicc -import_host 10.166.6.44
[12:1625] Import host failed.
bufbekes0m2-cm:/var/opt/omni/log #

...just a "buf" 😞

Other clients (with suse and windows) are working with this cell.

 

0 Likes
Micro Focus Expert
Micro Focus Expert

Hello @kofop,

Never use /opt/omni/bin/omnicc -secure_comm depends on host names, never use it with IPs. What does /opt/omni/bin/omnicc -secure_comm -get_fingerprint return on the CentOS 8.1 client? If it is empty then check hostname and dnsdomainname output. Fix DNS and/or /etc/hosts and let me know.

Regards,
Sebastian Koehler

---
Please use the Like button below, if you find this post useful.
0 Likes
Captain Captain
Captain

Hi,

We always try dns names too, just I sent the IP version for this forum (masking the real names) 

[root@teraintra ~]# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
Error getting certificate from the peer 'bekes0m2-cm.domain.hu'.

Failed to get peer certificate.
[root@teraintra ~]# /opt/omni/bin/omnicc -secure_comm -get_fingerprint
Couldn't find certificate file.

 

0 Likes
Captain Captain
Captain

We found the solution:

we must install libnsl package:

/opt/omni/bin/omnicc -secure_comm -regenerate_cert bekes0m2-cm.domain.hu
/opt/omni/bin/perl: error while loading shared libraries: libnsl.so.1: cannot open shared object file: No such file or directory
Certificate regeneration failed.

# yum search nsl
# yum install libnsl

# /opt/omni/bin/omnicc -secure_comm -configure_peer bekes0m2-cm.domain.hu
 - Please use the fingerprint to validate the certificate manually!
Certificate information:
 - Hostname:bekes0m2-cm.domain.hu
 - Valid: from Oct 29 20:24:02 2018 GMT until Oct 26 20:24:02 2028 GMT
 - Fingerprint: 3a:65:c8:39:18:c4:c4:bd:0b:ac:fe:89:8c:1d:22:73:86:40:3d:ca:5b:64:40:59:5b:bf:90:16:bb:e0:a7:67
Do you want to continue (y/n)?y
Host 'bekes0m2-cm.domain.hu' configured for secure configuration successfully.

View solution in original post

Hello @kofop !

It really works and it helped me a lot!

Thank you very much!

Best Regards,

Juliano Flores

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.